fix(ci+rds): unbreak Docker workflow + RDS engine_version validator#818
Merged
vieiralucas merged 2 commits intomainfrom Apr 28, 2026
Merged
fix(ci+rds): unbreak Docker workflow + RDS engine_version validator#818vieiralucas merged 2 commits intomainfrom
vieiralucas merged 2 commits intomainfrom
Conversation
`aquasecurity/trivy-action@v0.30.0` pins `aquasecurity/setup-trivy@v0.2.2` internally, which has been removed upstream — only `v0.2.6` exists today. The pin breaks every workflow run with `Unable to resolve action aquasecurity/setup-trivy@v0.2.2, unable to find version v0.2.2`. Bump to `v0.36.0` (SHA pinned), which references `setup-trivy@v0.2.6`. No input changes needed; the action surface is backwards compatible.
vieiralucas
changed the title
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
1 issue found across 1 file (changes from recent commits).
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="crates/fakecloud-rds/src/service.rs">
<violation number="1" location="crates/fakecloud-rds/src/service.rs:2486">
P2: Don't add MariaDB 11.4 here unless the matching default parameter-group and engine-version metadata are wired through too.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
vieiralucas
force-pushed
the
worktree-trivy-action-bump
branch
3 times, most recently
from
9603ff4 to
2cf0af7
Compare
`aws_lambda_bridge_mysql_round_trip` and the matching mariadb test in PR #810 use `engine_version("8.0")` / `("10.11")` — short major-only strings AWS RDS accepts. The CreateDBInstance validator only knew about full `<major>.<minor>.<patch>` strings (`8.0.35`, `10.11.6`), so both tests have been failing on every main run since #810 merged with `EngineVersion 'X' is not supported yet.` Add the short majors for postgres, mysql, and mariadb to `supported_versions`. The runtime already resolves them — it parses the prefix to pick an image tag — so this is a validator-only gap.
vieiralucas
force-pushed
the
worktree-trivy-action-bump
branch
from
2cf0af7 to
738abf5
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Two fixes to clear red CI on main after #814 + #810 merged:
aquasecurity/trivy-actionv0.30.0 -> v0.36.0. v0.30.0 internally pinsaquasecurity/setup-trivy@v0.2.2which upstream has removed — the only reachable tag isv0.2.6. Every Docker workflow run failed withUnable to resolve action aquasecurity/setup-trivy@v0.2.2. v0.36.0 referencessetup-trivy@v0.2.6; input surface unchanged.CreateDBInstancevalidator. PR feat(rds): MySQL/MariaDB Lambda bridge + prebuilt images #810'saws_lambda_bridge_mysql_round_trip+aws_lambda_bridge_mariadb_round_tripuseengine_version("8.0")/("10.11")— major-only strings AWS RDS accepts. The validator only knew about full<major>.<minor>.<patch>triplets, so both tests have been failing on every main E2E run since feat(rds): MySQL/MariaDB Lambda bridge + prebuilt images #810. Added postgres/mysql/mariadb majors tosupported_versions.Test plan
Unable to resolve action).aws_lambda_bridge_mysql_round_trip+aws_lambda_bridge_mariadb_round_trippass on the PR run.